Cloud Management Platform Comparisons and Opinions

One of the largest movements in Wi-Fi over the past decade has been to cloud-based management. It seems every single vendor has their own cloud-based management platform. To help differentiate them, I put together a comparison table (at the bottom of the post) that goes over the major features and functionality that many organizations might be looking for. This is by no means an exhaustive list of vendors or of features, merely the top platforms and feature sets that I encounter out there.

Also, as a disclaimer, these are my personal thoughts and opinions driven by the information that I have seen and through my experiences on these platforms. I have been hands-on with every one of these platforms except for Ubiquiti. But that does not mean that my experience will match everyone’s. As with everything in IT, trust, but verify.

Meraki

Meraki was one of the first to market with a cloud-managed platform. Spawning from the MIT Roofnet project and then becoming an actual company in 2006, Meraki grew quite quickly, and in late 2012 was acquired by Cisco. Since that acquisition they have continued to grow at an incredibly rapid pace.

Pros: In my opinion, Meraki has always had one of the cleanest/most intuitive of all the interfaces. Despite adding new product categories (security appliances, switches, cameras, phones, MDM) to their dashboard, they have been able to keep it clean and consistent—and with seemingly everything hyperlinked together. An administrator can easily drill from one thing to another on the fly.

Meraki also has a strong set of “live-tools” built into their interface, allowing easy remote troubleshooting through a number of basic tools that can be executed from the dashboard to a device or from the device itself. In most of their devices, there is also a tertiary radio that can be used for spectrum analysis. This can be an incredible tool for troubleshooting random connectivity issues.

Meraki’s single subscription per access point contains all of the functionality that they have built into their dashboard. They have yet to release a wireless feature that requires extra licensing. As you grow your network and add new APs and their subsequent subscriptions, all of your subscriptions will automatically co-terminate together. This is done through a weighting process that’s fairly hard to explain, but I’ll try a simple example. If I purchase 10 APs with a 1-year subscription in January, and in June, after six months have gone by (and I have another six months left on the original 10), I purchase 10 more APs with 1-year subscriptions. My final expiration date would actually be in March. Because the original 10 APs’ expiration date will be dragged forward, while the second group of APs will be dragged back, averaging all of the 20 subscriptions out to a March expiration. Meraki does a much better job of explaining this in their documentation.

Cons: The largest drawback to Meraki has always been their subscription-expiration policy. Meraki is the only provider on the list whose product will stop working if your subscription expires. They do provide you a 30-day grace period and will alert you in a number of different ways that your subscription is close to expiring.

I’m also going to include here their automatic subscription co-termination, despite also having it as a pro. I know many finance departments wouldn’t be happy with paying for something for 36 months, but due to it being added to an existing deployment, end up getting much less than that due to this policy.

Aruba Central

Aruba’s cloud platform was announced shortly after Cisco acquired Meraki. The platform has continued to grow, and since the acquisition of Aruba by HPE, has even begun to include the ability to manage many of the HPE Networking switches as well.

Pros: Aruba has consistently been one of the most well regarded wireless companies, with consistent praise for their RF design and their enterprise grade feature sets. With Central, Aruba has provided another way of controlling their outstanding hardware and is compatible with most of their access points that use their Instant architecture. However, moving forward, Aruba has made the process even more simple with the release of their Universal image. This image is only shipping on a few of their newer access points but will take much of the confusion out of the ordering process. Here’s a great blog that goes into detail about the new image.

Aruba made a very wise choice when it came to the flow of their cloud interface. Borrowing much of the same nomenclature and mimicking the same feel as their widely used controller platforms. This makes it easier for organizations who are already comfortable with Aruba’s management to easily transition and understand their cloud interface.

Another plus is their ability to manage other devices in the Aruba Networks lineup, such as many of the switches that the lineup inherited from the ProCurve lineup—many of which retained their famed lifetime warranty as well. Since this follows on the heels of the Meraki write-up, I’ll point out that if your Aruba Central subscription lapses, their APs will retain the last known configuration provided by Central and remain running as Instant access points. However, you will need to remove them from the cloud inventory before being able to manage them directly again.

Cons: Although their base platform has a very enterprise-ready feature set, there are certain things that Aruba charges additional licenses for, such as guest management and presence analytics. Their interface uses an “app-switcher” (my term) in the upper left-hand corner, with each “app” being a different management section, including any added extra functionality. This layout took a bit of time to get used to, and once I understood it, the only time I knew to navigate to a different “app” was when I didn’t see the necessary feature that I was looking for.

Ruckus

Ruckus is best known for their BeamFlex technology. And maybe second-best known for their odyssey of acquisition over the past few years. If I have their journey correct, they were first purchased by Brocade in 2016. Then Brocade was purchased in a major acquisition by Broadcom. But then Broadcom spun off Ruckus and the Brocade ICX lineup to Arris. All of this started in 2016 and has just recently begun to settle down. Ruckus as a company has done a great job of weathering this storm and done their best to continue to operate as if none of this was going on around them.

When it comes to their cloud platform, they were certainly a bit late to the party, releasing theirs publicly in the middle of 2016. Unfortunately, it still feels as though it is lagging behind the others in terms of features and polish as well. Their access points and controllers, however, are rock solid, and they do have a strong roadmap of features coming which should help bring them to parity with the rest of the market.

Pros: As I stated above, one of the largest strengths of Ruckus is their Beamflex technology. Their cloud platform works with most of their access points (but not all), so your deployment gets to take advantage of this as well.

All of these platforms offer some form of guest Wi-Fi. However, it’s always in how it’s deployed that sets them apart. As much as I’m a fan of simple and open guest networks, many organizations like to be able to lock down access to those that they deem necessary. This is often done through some sort of on-boarding process, whether it’s a self-supported process, or if access has to be sponsored from someone within the organization. Ruckus allows you to have a guest administrator who can hand out personalized credentials to guests. As part of this process, the administrator needs to put in the guest’s information such as name, email address, phone number, etc. Ruckus has made this even easier by implementing a feature on their mobile app that can actually scan a business card and auto-fill the corresponding information fields. This is a really slick method and makes the process much more efficient. Also as part of the process, the administrator can choose how long the user’s credentials are good for and how many client devices can use those same credentials.

Cons: Take a look at the table—their feature parity just isn’t there yet. I’ve also run into some strange bugs in their analytics portion.

One of the largest bugs/issues that I’ve run into has just been getting to the dashboard itself. For a long time now, I’ve been unable to get to it using Chrome, and Firefox usually times out as well. When on my Windows device I’m able to get to it through Internet Explorer, although it’s still unfortunately slow. On my Mac it timed out on Chrome and Safari; however, I was able to access it using Opera. From what I understand this is a known bug and something they are working on.

Another drawback is that if your subscription lapses, the access points will “halt” until reconfigured as autonomous APs or pointed to a controller. I wish they went with the same method as Aruba and have them fall to their Unleashed platform (which is their equivalent of Aruba Instant). I do understand that these things might be platform specific and potentially are not possible. At least your investment in access points wouldn’t be lost completely. Those APs can be reconfigured and continue to be used. I just hate the “halting,” and would much rather they proceed on with the last known good configuration. Obviously, any features that are reliant on the cloud would understandably cease, but normal traffic could continue to be passed.

Aerohive

Where do I begin with Aerohive? They have historically been a company filled with some of the top engineers in the industry. The last headline that I saw was that they employ 14 CWNEs. To put that into context, at the time I wrote this post, there are only around 265 CWNEs, world-wide. They have consistently been a company driven by engineers. They have heavy adoption in the education space and seemed to have focused on that vertical. Aerohive has also been a large OEM player, partnering with the likes of Dell and others.

Aerohive’s original platform, which they are now calling Classic, had a huge feature set. However, many IT pros actually considered that its drawback. It was an interface that wasn’t entirely intuitive and had a number of nerd-knobs that were in areas that were hard to remember. Much of the flow felt disjointed, with menu selections starting vertically, then expanding horizontally, with drop-downs thrown in for good-measure. As with any interface, people who knew it could fly through it. For those who only touched it sporadically, though, it could be a struggle. That said, it was incredibly granular and provided features that weren’t really available at that time.

To their credit, Aerohive heard the criticism and knew they were being constantly compared against Meraki’s dashboard. So they decided to revamp theirs to make it cleaner and more intuitive and thus released HiveManager NG. Because everything released around that time period had to be “next generation.” (Star Trekwas apparently way ahead of its time.) Unfortunately, when NG was originally released it didn’t have anywhere near feature parity to Classic, so adoption of it was fairly slow. Further limiting adoption was that Aerohive never created an easy migration path from Classic to NG. I understand that they were two completely separate platforms, more than likely based on two different back-end architectures. However, a migration tool, even if an at-cost tool, would have really helped drive adoption. That all said, today HiveManager NG, now called Select, does have feature parity to Classic.

Recently, Aerohive released a free version of their HiveManager called Connect, which is essentially a hamstrung version of their platform with some feature limitations. Plus, since it’s free, it also doesn’t include any product support—but you can purchase it. Connect actually runs on the Select platform, so by default you can see all the features you are missing out on by not paying for your subscription. Thankfully, they have graciously allowed you to shut this “feature” off.

Pros: Aerohive is a mature product, and although its management interface has gone through a number of iterations, I think it’s come out the other side a better product for it.

One of the features that Aerohive has always touted is their private pre-shared key (PPSK) feature. This is available in both their Classic and Select platforms. Other products offer this same feature, but Aerohive has done a good job in their implementation and promotion of the product. They also have made an iOS app so organizations can set up a kiosk with an iPad for users to self-register and receive their guest credentials.

Another thing that I like about the Aerohive solution is their expiration policy. Obviously, this is only applicable to their Select platform, since the Connect platform is free and therefore subscription-less. If your Select platform expires, your equipment will continue to run. However, you do lose the ability to actually manage the product until you do one of two things. Either you renew your subscription, or, if you decide that you do not need the entire feature set of Select, you can spin up a new Connect platform and move your APs over to it. Unfortunately, this migration will not be seamless. So it’s not a completely pain-free policy—but certainly better than others.

Cons: In my opinion, HiveManager NG is vastly improved upon in Classic. That said, the interface can still feel cluttered and almost rambling. The dashboard portion is fairly solid, but the configuration of SSIDs feels disjointed. Still, for many, the setup of networks will be fairly set and forget, with monitoring and troubleshooting being the primary uses of the dashboard.

With their Connect platform, you can purchase one of their APs for a relatively cheap price, with MSRPs on their AP122 for $229 and AP130 at $299. Personally, I’m not a fan of fighting down. I understand that they are trying to get their product out at a cheap price to introduce it to the world and to compete against the UBNTs of the world. However, to reach that price point something normally has to give.

Ubiquiti

Ubiquiti is an interesting company. On one hand, a lot of people swear by their equipment; others have less than positive things to say. One thing that most do agree on, however, is that their bridging equipment is rock solid, especially for the price point. Today, though, we’re talking about their cloud platform. It’s the only one on this list that I have yet to get any real hands-on experience with however. Also, this was the only vendor that I wasn’t able to confirm any of the information with—which I’ll get into in the “Cons” section. This is a platform I’m going to try and learn more about as the year goes on, because they seem to be growing and their platform and features seem to be very promising. With that said, I’m going to do my best to reserve judgment on the product until that time, except for the lack of support or contacts. That’s a personal pet peeve of mine.

Pros: Cheap. Most of their APs run right about $100, with their cloud dashboard costing $199 for one year, but that covers 100 devices. To put this into perspective, Meraki’s one-year subscription for one device has an MSRP of $150, and that’s pretty standard across the rest of the platforms as well. From what I understand, you will need their cloud key, which is actually a cool bit of kit. It looks like a USB key that hangs off of a port on your switch and acts as a gateway from your on-premises equipment to their cloud dashboard. At least that’s how I understand it. Again, I wasn’t able to talk to anyone about it.

Their dashboard seems fairly clean from the demo that I was able to find online. They also do seem to be putting some interesting features and functionality into their devices. But again, I have zero hands-on experience outside of seeing the demo online.

Cons: No support. Well, that’s not 100% true—you can get support in a forum, which does have Ubiquiti employees who respond. But there’s no dedicated SLA, or even a guarantee that you will receive an answer. However, there are many rabid UBNT fans on the forum who do what they can to provide answers and help. But I don’t know that I would want to hang my organization’s infrastructure on potentially receiving an answer on an issue from a forum.

For transparency, I should note that I have seen discussions of UniFi Elite, which apparently provides phone support, but that’s all I have seen, discussions. Nothing solid. But maybe I’m missing something obvious.

A great example of the lack of support is just this post itself. I sent the table to all of the vendors to verify my entries and gain further insight. While I’m sure I could have posted this to the forum and received a response, I didn’t want a response from someone who runs a WISP off of Ubiquiti equipment—I wanted it from the horse’s mouth. The only method of directly contacting them that seemed to work was through a Facebook Message from my personal Facebook account. Ubiquiti’s social media team did answer, saying they forwarded my request off to the appropriate party. However, I never received any response, despite following up again. Their social media team did respond both times I reached out within 24 hours. But only that they were sending my request off or following up with the appropriate resources. So that’s why you don’t see them on the table. If I do receive a response, I will be more than happy to update the table and this post with the findings.

Conclusion

As you can see, all of these platforms have both strengths and weaknesses. As with anything, it’s taking a look at the different offerings and determining what feature-set coincides best with your organization’s needs.

Dan Ryan is a Senior Inside Solutions Architect in the Technical Sales Group and Team Lead for the NetCom ISA Team, at Connection. With 13 years of experience in Networking Solutions, he is now spearheading a new ISA role that strictly covers Wireless Networking and Mobile Device Management. Because wireless has become such a passion of his, he has attained CWNA, CWDP, and CWAP certifications and aspires to achieve his CWNE certification. In his free time, he enjoys reading, hiking, skiing, spending time with his family, including his 2-year-old daughter, and working on his old house.